How secure are car remote keys? When you lock or unlock your car, can someone spoof or make another remote key?

How do car remote keys work? Do they use some kind of private/public keys, encryption?

Are aftermarket alarm remote keys less secure than the manufacturer remote keys? I am mostly interested to find out if it is possible for someone to sit in a car park and listen for remote key signals and then use them?

1 Answer

High-end manufacturers use expensive challenge-response schemes (the key sends a request, the car answers with a challenge, and the key sends a reply derived from the challenge with some algorithm).
Even so, such algorithms are proprietary, usually not reviewed, and could well be an example of "rolling your own crypto". There are solutions, but to quote the paper below,

Note, however, that a physical implementation of mathematically secure
ciphers still can be vulnerable to side-channel (typically power
analysis) attacks. Also the key distribution/management, when wrongly
implemented like with the Keeloq's manufacturer key, can introduce a
single point of failure into the commercial cryptosystem. In other
words, the chain is as strong as its weakest element, so the marketing
headword 'employes AES' does by far not mean that the product as whole
is secure.

Cheaper manufacturers use a rolling scheme employing a PRNG. Quite often, the car has a "guard period" after receiving a code, in which it will actively not recognize any code, to avoid brute-forcing. Several of these schemes actually relied on the secrecy of the algorithm, and have been broken (link to theory, practice and source code):

Recently it has been demonstrated how the manufacturer key can be
extracted from a receiver device by a physical side-channel
cryptanalysis and how a particular remote control can be cloned
(either knowing a matching manufacturer key without physical access to
the remote, or without manufacturer key but requiring physical access
to the remote)

Still cheaper manufacturers employ a rolling scheme between N codes, which is vulnerable to replay attacks (you get one code) or "stalking" the garage until you get enough codes.

Another vulnerability of remotes is jamming. You stalk a parking lot and fill the 433 MHz band with noise. Out of every ten people that lock their cars with a remote, nine of them will notice that the car lock didn't actually engage. They'll try again, blaming the batteries on the key fob, and finally lock the car manually. You rob the tenth driver blind: no need for sophisticated crypto at all.

Case in point

KeeLoq remote keyless entry systems are widely used for access control
purposes such as garage openers or car door systems. We present the
first successful differential power analysis attacks on numerous
commercially available products employing KeeLoq code hopping. Our new
techniques combine side-channel cryptanalysis with specific
properties of the KeeLoq algorithm. They allow for efficiently
revealing both the secret key of a remote transmitter and the
manufacturer key stored in a receiver. As a result, a remote control
can be cloned from only ten power traces, allowing for a practical
key recovery in few minutes. After extracting the manufacturer key
once, with similar techniques, we demonstrate how to recover the
secret key of a remote control and replicate it from a distance,
just by eavesdropping on at most two messages. This key-cloning
without physical access to the device has serious real-world
security implications, as the technically challenging part can be
outsourced to specialists. Finally, we mount a denial of service
attack on a KeeLoq access control system. All proposed attacks have
been verified on several commercial KeeLoq products

This is not so much due to a shortcoming in KeeLoq's algorithm but in its practical implementation by the vendor. As such, there are claims that an aftermarket key can actually be fixed:

If your receiver device contains a
specialized hardware KeeLoq decoder, it should be possible to flash
your own randomly selected device code into that chip and matching
remotes, following the instructions in appropriate data sheets. In
this way you circumvent the problem with the learning algorithm and
manufacturer key.

(Along with a bounty of information, the page explains why my old garage remote happened to also open the University gate, as I discovered one sleepy morning when I inadvertently picked up the wrong remote - different on the outside, the two receivers must have been identical on the inside).
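As an added illustration, not part of the answer above, the following Python model contrasts the two scheme families the answer describes: a code-hopping receiver that rejects a replayed frame but tolerates a resync window of missed presses, and a challenge-response car that accepts each nonce's answer exactly once. HMAC-SHA256 stands in for the proprietary fob ciphers, and the frame layout, counter width and window size are assumptions made for the example.

```python
import hmac, hashlib, secrets

def _mac(key: bytes, msg: bytes) -> bytes:
    # Stand-in for the fob's cipher (an assumption; real schemes such as KeeLoq are proprietary).
    return hmac.new(key, msg, hashlib.sha256).digest()[:8]

def fob_frame(key: bytes, ctr: int) -> bytes:
    # One press of a code-hopping fob: transmits counter || MAC(counter).
    c = ctr.to_bytes(4, "big")
    return c + _mac(key, c)

class RollingCodeReceiver:
    # Accepts a frame if the MAC checks and the counter is strictly ahead of the last accepted one, within a resync window (size assumed).
    def __init__(self, key: bytes, window: int = 16):
        self.key, self.window, self.last = key, window, 0
    def accept(self, frame: bytes) -> bool:
        if not hmac.compare_digest(frame[4:], _mac(self.key, frame[:4])):
            return False                           # forged or corrupted frame
        ctr = int.from_bytes(frame[:4], "big")
        if not self.last < ctr <= self.last + self.window:
            return False                           # replay, or too many out-of-range presses
        self.last = ctr
        return True

class ChallengeResponseCar:
    # High-end scheme: the car sends a fresh nonce, the fob answers MAC(nonce); a recorded answer fails against the next nonce.
    def __init__(self, key: bytes):
        self.key, self.nonce = key, None
    def challenge(self) -> bytes:
        self.nonce = secrets.token_bytes(8)
        return self.nonce
    def verify(self, response: bytes) -> bool:
        ok = self.nonce is not None and hmac.compare_digest(response, _mac(self.key, self.nonce))
        self.nonce = None                          # each challenge is answerable exactly once
        return ok

def demo() -> dict:
    key = secrets.token_bytes(16)                  # constructed shared fob/car secret
    car, cr = RollingCodeReceiver(key), ChallengeResponseCar(key)
    frame = fob_frame(key, 1)
    out = {"first": car.accept(frame),                    # True: counter 1 > last 0
           "replay": car.accept(frame),                   # False: counter 1 is not > last 1
           "resync": car.accept(fob_frame(key, 7)),       # True: presses 2-6 happened out of range
           "too_far": car.accept(fob_frame(key, 40)),     # False: 40 > 7 + 16, fob must be re-learned
           "forged": car.accept(fob_frame(b"wrong", 8))}  # False: MAC mismatch
    reply = _mac(key, cr.challenge())              # the legitimate fob answers the nonce
    out["cr_fresh"] = cr.verify(reply)             # True
    cr.challenge()                                 # car issues a new nonce
    out["cr_replay"] = cr.verify(reply)            # False: the recorded reply is stale
    return out
```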

Some of the high-end manufacturers also seem to have particularly vulnerable systems. BMW, for instance, has been plagued by keyless thefts. Here's one article about it.
– Xander Sep 27 '13 at 16:51

If my car has only an OEM central remote door lock and I install some aftermarket alarm system with a remote key, then probably my car's central locking "procedure" becomes less secure, because the aftermarket key is anyway connected to the OEM locking components? Or am I wrong? (From the viewpoint that the aftermarket remote key uses poor security)
– Guntis Sep 30 '13 at 8:42

In general, I'd say that whenever two systems interconnect, the security you get is the lesser of the two, less again any additional loss due to the interconnection itself (e.g.: if, to connect, either system has to be made less secure - some part disabled, or downgraded - to let the connection work at all). In your scenario, though, I would think that the original remote system would be completely disconnected (they won't both work in parallel), so you'll get all the security of the aftermarket system... and only that. If it's more than the original, well and good. If it's less...
– lserni Sep 30 '13 at 9:12

For my car, I can use both remote keys. I can lock with the aftermarket remote key and unlock with the OEM key. If I do that, of course the alarm sounds :) But I can use both remote keys. By that I mean that someone can listen to the aftermarket key's signals and use them. And I think that the car remote key is telling the car's "brains" that the car must be locked or unlocked. In my case I have only the OEM remote lock/unlock. I do not have an OEM alarm system.
– Guntis Sep 30 '13 at 10:58

Heh. In that case, the composite system would be slightly less secure than either of the two alone. Slightly, because the scenario where a crook can listen to, or reproduce, or enumerate OEM signals after you locked the car with the aftermarket remote is quite unlikely, and anyhow, as you observe, he'd get an alarm sounding on him. The greater risk is that the aftermarket key, which both unlocks and stills the alarm, is less secure than the OEM version.
– lserni Sep 30 '13 at 11:10